Comments (16)
代码增加了urldecode调用。
from smartdns.
mosdns所在的系统信任smartdns证书的根证书吗?
[2024-02-18 04:59:49,727][DEBUG][ dns_server.c:7825] decode query failed.
[2024-02-18 04:59:49,727][DEBUG][ dns_server.c:7921] process one request failed.
[2024-02-18 04:59:49,727][DEBUG][ dns_server.c:7988] process tcp request failed.
[2024-02-18 04:59:49,727][DEBUG][ dns_server.c:8165] process TLS packet from xxxxxxxxxxxxx failed.
[2024-02-18 04:59:49,728][DEBUG][ dns_server.c:8592] dns server process failed.
测试了一下post方式是好的 但是get方式对于base64处理可能有问题 #1640 @pymumu
from smartdns.
把-I去掉,不支持HEAD方法。
另外smartdns目前也不支持HTTP2.
from smartdns.
把-I去掉,不支持HEAD方法。 另外smartdns目前也不支持HTTP2.
试过了不加headers也一样是400,。另外浏览器直接打开也是400
from smartdns.
把-I去掉,不支持HEAD方法。 另外smartdns目前也不支持HTTP2.
找到原因了,按照doh的规范,base64最后补位的“=”会被删掉。smartdns在处理时似乎没有补位,这导致一些网址能查询,另一些查不了(比如www.taobao.com查报400,www1.taobao.com正常
from smartdns.
=
是padding对齐用的,计算长度的时候,会减掉相应的=个数。这个base64解码函数在spki-pin的时候也是这个函数,不应该有问题。
Lines 979 to 1005 in 2c9ca2e
我简单测试了一下,是正常的,没有问题,用的如下命令。
curl -k -H 'accept: application/dns-message' -v 'https://192.168.1.1:843/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB' | hexdump -C
curl -I
是指示用HEAD方法,DOH没有描述说支持HEAD方法。
另外,chrome,firefox,edge默认应该是POST方法,不是GET方法,这几个浏览器我验证是正常的。
不清楚你用了什么浏览器。
from smartdns.
那么我可能是遇到了其他问题
Python 3.7.0 (v3.7.0:1bf9cc5093, Jun 27 2018, 04:59:51) [MSC v.1914 64 bit (AMD64)] on win32
Type "help", "copyright", "credits" or "license" for more information.
>>> import dns.message,base64,requests
>>>
>>> domain = "www.taobao.com"
>>> r = requests.get("https://xxxxxxxxxxxxxxxx/dns-query?dns=" + base64.b64encode(dns.message.make_query(domain, "A").to_wire()).decode("UTF8").rstrip("="), verify=False)
>>> print(r)
<Response [400]> <---------www.taobao.com 返回400
>>>
>>> domain = "www1.taobao.com"
>>> r = requests.get("https://xxxxxxxxxxxxxxxx/dns-query?dns=" + base64.b64encode(dns.message.make_query(domain, "A").to_wire()).decode("UTF8").rstrip("="), verify=False)
>>> print(r)
<Response [200]> <---------www1.taobao.com 返回200
>>> print (dns.message.from_wire(r.content).answer)
[<DNS www1.taobao.com. IN CNAME RRset: [<tao.conf.cn.zb.v4.aserver.alibabacorp.com.gds.alibabadns.com.>]>, <DNS tao.conf.cn.zb.v4.aserver.alibabacorp.com.gds.alibabadns.com. IN A RRset: [<59.82.31.244>]>]
>>>
>>> domain = "www.163.com"
>>> r = requests.get("https://xxxxxxxxxxxxxxxx/dns-query?dns=" + base64.b64encode(dns.message.make_query(domain, "A").to_wire()).decode("UTF8").rstrip("="), verify=False)
>>> print(r)
<Response [400]>
>>>
>>> domain = "mail.163.com"
>>> r = requests.get("https://xxxxxxxxxxxxxxxx/dns-query?dns=" + base64.b64encode(dns.message.make_query(domain, "A").to_wire()).decode("UTF8").rstrip("="), verify=False)
>>> print(r)
<Response [200]>
>>> print (dns.message.from_wire(r.content).answer)
[<DNS mail.163.com. IN CNAME RRset: [<mail163.mail.ntes53.netease.com.>]>, <DNS mail163.mail.ntes53.netease.com. IN A RRset: [<123.126.96.214>]>]
目前观察是否返回400与域名长度有关
from smartdns.
去掉.rstrip("=")
from smartdns.
去掉
.rstrip("=")
去掉后确实正常了,但应该删=啊?,否则应该转译用%3d
from smartdns.
代码增加了urldecode调用。
我坚持应该处理去掉“=”,而不是转译。依据是RFC8484第11页
When using the GET method, the data payload for this media type MUST
be encoded with base64url [RFC4648] and then provided as a variable
named "dns" to the URI Template expansion. Padding characters for
base64url MUST NOT be included.
from smartdns.
修正了一下。
from smartdns.
修正了一下。
查询正确,但返回不正确。查询mail.163.com
时返回是空白(post方式返回正确
from smartdns.
这次应该好了。
from smartdns.
我这里试是好了,楼主试一下最新版呢 @bboysoulcn
from smartdns.
我这里试是好了,楼主试一下最新版呢 @bboysoulcn
ok 我看下
from smartdns.
我这里试是好了,楼主试一下最新版呢 @bboysoulcn
应该可以了
from smartdns.
Related Issues (20)
- 详细记录测速结果-0.1ms的原因,例如关闭测速还是无法测速 HOT 2
- SmartDNS ERR_NAME_NOT_RESOLVED HOT 13
- 老是崩溃 HOT 3
- 更新 45 版本后,第二 DNS 服务器的第一次查询出现 SERVFAIL HOT 23
- 编译失败了,求助下 HOT 6
- Random crash when using MAC addresses as client identifiers HOT 5
- Cannot listen on more than 3 devices HOT 8
- 域名集合文件的格式以及匹配规则是什么样的(文档无具体说明) HOT 4
- 反查ip无结果时缓存时间及serve-expired
- 3月12日版本可能有bug HOT 2
- 请问这样的参数用对了吗? HOT 4
- 从系统读取ip以配置edns HOT 3
- 推荐去广告规则AWAvenue-Ads-Rule 但是没有smartdns版本 HOT 7
- 【BUG反馈】端口设为53+勾选自动设置dnsmasq时出错 HOT 2
- 安卓连接异常 HOT 6
- Use semantic versioning HOT 20
- mDNS查询开启后 过一阵端口直接无响应 HOT 1
- 有没有办法实现,远程 dns 解析只返回 ipv4,国内 dns 解析双栈返回? HOT 2
- DoH 路径修改 HOT 3
- 使用阿里dns,不定时出现Connection reset by peer HOT 38
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from smartdns.